After having completed quite a few Office 365 migrations in the last year, I think it’s important to point out a very critical success variable for transition: the desktop. Whether using a cutover, staged or hybrid coexistence approach with native tools – or using 3rd party migration tools for Notes/GroupWise – or using 3rd party tools for self-service – I’ve done it all. At the end of the day, there is still the end user. Outlook updates need to be verified, ActiveSync profiles often need to be recreated, and there is always the backend need for running desktop updates and potentially the Office 365 Sign-In Assistant. These tasks very rarely can be left up to the end user, and very often are underestimated. Make sure when you’re looking at an Office 365 deployment that you consider desktop updates a critical part of the project: design for it, manage the tasks and track for proper completion. Make sure there is a defined plan, with defined resources, in place prior to completing the backend mailbox migration. If you’re working with a company that has not asked about this variable, ask them what their plan is. If you are aware of this element, make sure you review your plan to ensure it’s solid. There is no reason to move all your data in to Office 365 if you don’t have a solid plan for accessing it once it’s there.
Latest Entries »
Microsoft Lync Web Scheduler is a web-based program that you can use to create Lync Meetings if you don’t have Microsoft Outlook, or are on an operating system not based on Windows. With Web Scheduler, you can create new meetings, change your existing meetings, and send invitations with your favorite email program.
In the Software downloads – Lync section – you can see the option to Launce the Lync Web Scheduler for users without Outlook or Windows as meeting scheduling options:
Once launched, you can see all the Meeting Scheduling options available, including options for who can bypass the lobby and who will be the presenters:
Once the meeting is created, you’ll be presented with the meeting URL to copy/paste in to the e-mail client of your choosing:
And, lastly, existing meetings can all be managed from the browser, as well:
As the product is further developed, it is likely that you will continue to see more capabilities here; that being said, this is already a great option for users who do not have Outlook installed (pure OWA?). I look forward to the rest of the web-based functionality Microsoft will be pushing to remove desktop dependencies. Maybe my Surface RT really can be a laptop replacement someday!
In the upcoming Office 365 update, using the 2013 backend architecture, Office 365 administrators will be able to take advantage of a new set of Compliance Management capabilities. Data Loss Prevention, part of an earlier blog, is included in these new features, as is enhanced auditing, journal rules, retention tags/policies, and a new version of in-place eDiscovery and Legal Hold. Legal Hold is now expanded to include items such as Lync (with some limitations), and easier to work with.
The Compliance Management section is found in the Exchange administrative features in the Office 365 Preview:
You can see I’ve already created some different searches for client demos. For this blog, I’m going to walk you through how the Lync eDiscovery search is created, but also show you where the other options can be configured. The process is easily repeatable, and all configured through the GUI.
When you create a new search, you’ll see 4 options available:
1. Name (and Description)
2. Mailboxes – you can determine whether All Mailboxes or individual users are part of the search. This allows for multiple policies (i.e. overlapping legal holds) to apply to the same user.
You can also see how many In-Place Holds apply to an individual user by viewing Exchange Admin Center -> Recipients -> Click on a user and view the In-Place Hold section that populates on the right side of the screen. If you select View Details, you get this:
You can see the policy named In-Place Hold is applied to my test account.
3. Search Query – here is where you configure the desired results of the search/hold policy being created. You can see that the search is fairly robust, with Keywords, Dates, From, To and Message Types being available.
The available Message Types, including Lync, are here:
4. In-Place Hold – as its name would indicate, here is where you define whether this is an eDiscovery search or an In-Place Hold (Legal Hold) policy. Note that you can make this a “soft”, or rolling, legal hold without engaging Microsoft support channels or using PowerShell simply by specifying a number of days for the policy to apply. Again, remember you can have overlapping policies on individual users, without manual intervention.
Now that the search is created, we can easily preview the search results from an account with the proper permissions applied:
And, finally, we can view the results of Lync conversations between the two users identified in the search:
The IM conversation show indicates sources from which the IMs were sent. This is important, because not all sources are currently covered. I was able to see IMs and generated phone calls from a full desktop client (Lync 2013 and Lync 2010), as well as Lync MX (from my Surface RT). I was not, however, able to audit conversations generated from a Lync Mobile application. This example shows the receiving end of a Lync Mobile IM conversation (received on the Lync 2013 desktop client), but the original IM is not found when viewing results for Johnny Test User. What this means is that any IM conversations between two or more users using Lync Mobile would never be caught by the current Compliance Management capabilities. Above and beyond that, this is not a tool meant to track phone usage, as any calls generated by Lync Phone Edition will also not be tracked.
Lync 2013 version support for Compliance and Archiving can be found here: http://technet.microsoft.com/en-us/library/gg425836.aspx
So, as you can see, eDiscovery and Legal Hold have gotten much easier in Office 365 Preview…but I’m sure it still won’t prevent people from saving subfolders/years of data in their Deleted Items folder!
Office 365 Preview: Integrated Apps for Outlook Web App
Microsoft has introduced the concept of app downloads, similar to mobile device app stores, to the Outlook Web App (OWA) experience. While a few applications are pre-installed, the Microsoft Office Store (http://office.microsoft.com) has additional options available for download and deployment to OWA users.
Pre-installed Applications – Bing Maps:
Bing Maps, a pre-installed application, is an excellent tool for any email that has an address included. In the even that no address is present, Bing Maps doesn’t even show up; if there is an address, however, you can easily view the location on a map with a single click.
No Address Included in Message:
Address Included in Message:
Installing New Apps for OWA:
Additional apps will come as developers contribute, but some familiar names can already be found. LinkedIn is an app that I have downloaded from the Office Store and installed on Exchange Online for deployment to the Office 365 users. The process is very easy.
1. Find the app you want to install and click on Add:
2. Confirm installation after authenticating in the Office 365 Preview:
3. Configure your deployment preference. You can see here LinkedIn is deployed to Everyone:
4. Enable the app:
5. Now I can do a LinkedIn search against email senders/recipients without leaving my email:
As enterprises explore additional functionalities (i.e. as the Office Store grows), they will be able to see massive opportunity to integrate business functionality directly in to OWA. This is not simply a gimmick (<cough> OWA Themes), it is yet another move by Microsoft to make Office 365 an Enterprise-level suite of applications that bring efficiency and productivity to every business environment.
Installing and Configuring Rights Management Services (RMS) for Office 365 Preview
Rights Management can be used to safeguard sensitive information created using Office applications such as email or other memos or correspondence that requires confidential treatment. Rights are assigned to content when it is published and the content is distributed in an encrypted form that provides persistent protection wherever the content travels. Rights that can be assigned include the ability to allow or deny viewing, printing, copying of messages or documents as needed using template-based assignment.
Enabling services with Exchange Online
- Install Windows PowerShell for Rights Management (http://technet.microsoft.com/en-us/library/jj585012.aspx)
- Connect to your Exchange Online account using Windows PowerShell (per http://technet.microsoft.com/en-us/library/jj585001.aspx): Enable-OrganizationCustomization
- If you’re located in North America, run the following command to set the key sharing URL: Set-IRMConfiguration –RMSOnlineKeySharingLocation “https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc”
- Run the following command to import the trusted publishing domain (TPD): Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”
- To support OWA functionality, change the IRM configuration in PowerShell for internal licensing: Set-IRMConfiguration –InternalLicensingEnabled $true
- Test the configuration by running the following command: Test-IRMConfiguration -RMSOnline
Office Integration with Rights Management
When creating or consuming information rights management (IRM) protected content, updates may be required. The requirements for each version of Office can be found here: http://technet.microsoft.com/en-us/library/jj585031.aspx
If these updates are not applied, you will not be able to download the templates.
Using RMS with Outlook
If the templates are installed, you can now select templates to use on an individual email (only for users within your Organization, or with users that have an Office 365 login)
Now when the email is sent with the proper template applied,
the receiver is unable to manipulate the message per the template:
Find complete details on information protection with Office 365 here: http://blogs.technet.com/b/rhalbheer/archive/2012/09/27/paper-information-protection-and-control-ipc-in-office-365-preview-with-windows-azure-ad-rights-management.aspx
Update: Another blog has just been released in regards to this technology: http://sharepoint.microsoft.com/blog/Pages/BlogPost.aspx?pID=1048
Data Loss Prevention templates are offered in the upcoming 2013 version of Office 365 and, while these sound great, there isn’t a lot of detail on what rules are put in to place when these templates are implemented. I have gone through each of the US-based templates (there are many other nation’s laws accounted for, as well) and built a table showing the content. If you’re considering deploying one of these DLP policies, review the rules to determine if it meets your needs, or if additional rules are required. Remember, just because you choose to deploy a DLP policy does not mean you’re restricted to only those rules the policy provides!
|Template||If the message…||Do the following…|
|U.S. Federal Trade Commission (FTC) Consumer Rules (184.108.40.206)||
|U.S. Financial Data (220.127.116.11)||
|U.S. Gramm-Leach Biley Act (GLBA) (18.104.22.168)||
|U.S. Health Insurance Act (HIPAA) (22.214.171.124)||
|U.S. Patriot Act (126.96.36.199)||
|U.S. Personally Identifiable Information (PII) Data (188.8.131.52)||
|U.S. State Breach Notification Laws (184.108.40.206)||
|U.S. State Social Security Number Confidentiality Laws (220.127.116.11)||
Now that the Office 365 Preview site is up for those that want to see what the new wave of Office 365 looks like, I am taking the opportunity to provide a high level preview for those that are interested. This is by no means an in-depth look at any new features (those will be next), but rather a bird’s eye view of things to get excited about. The screen prints below are rather small, but you can click on them to expand to a larger size.
For those that have taken part in the Office 2013 preview (http://www.microsoft.com/office/preview/en), the new Office 365 environment will offer many similarities. Obviously all the Microsoft teams are working together on the upcoming wave of software/services rollouts to ensure a consistent look and feel.
Additionally, the often annoying characteristic of multiple windows popping up when navigating the Office 365 portal has been changed to a more streamlined single-window pane. You can see below that the majority of the administration options are presented in the same location, with the selected user’s data displaying off to the right.
Of course, a separate window still pops up for editing the user, but I like the more neutral tones and classier fonts:
Ok, enough of the “look and feel” you say, and on to the new stuff! Well, in case you didn’t see it in the earlier screen print, Office 365 is now supporting Public Folders! (That’s right…despite years of being told they would go away at some point even for Exchange on-premises…). Now you will be able to create Public Folder Mailboxes and populate them with Public Folders:
Data Loss Prevention templates are now available to actively monitor all email for sensitive content and enforce protection requirements. A subset of the templates are seen here:
As has been Microsoft’s tendency, they have again added even more functionality in to the GUI, rather than leaving admins as dependent on PowerShell as they were in previous versions. For example, you can now create Equipment mailboxes straight from the GUI:
Lync Online provides more customization, and includes more GUI access to their newly available Lync Online Plan 3 (Lync to Phone). Additionally, Meeting Invitation customization is now available:
Although SharePoint isn’t my forté, it’s clear to see that a change has been made here as well:
Above and beyond the Office 2013 download being available, Office 365 now also includes SharePoint Designer 2013 as well:
The whole experience is very exciting, as Microsoft continues to rapidly grow their Office 365 offerings while staying competitively priced in the market. I’m anxious to see what the final product will look like!
Lync to Phone is the latest offering from Microsoft Office 365 that allows users to go beyond the existing IM/Presence capabilities of Lync Online and start the take advantage of telephony. Customers who subscribe to this plan (Lync Plan 3) are able to make and receive phone calls to/from external telephones with their Lync Online client. Additionally, combined with these voice capabilities, you can expect all the previously existing features and functionality of Lync Online:
• Real-time presence information—including photos, availability status, and location—and enhanced instant messaging (IM) to connect efficiently and effectively.
• Make voice calls through your computer to other Lync users in your organization or in other organizations that use Lync.
• Get a single work number to make and receive calls to any phone number.
• Create, moderate, and join pre-planned and on-the-fly audio, video, and web meetings with people inside and outside your organization.
• Enhance online presentations with screen-sharing and virtual whiteboards.
• Let customers participate in your Lync conference calls even if they are not Office 365 customers.
There are a few considerations to keep in mind at this point in time:
1. Lync Plan 3 is currently not available with the E4 License suite with Office 365 (though it will be soon!)
2. A calling service provider is required for Lync to Phone functionality
a. There is only one approved vendor for this service at this time, Jajah Voice (http://office365.pinpoint.microsoft.com/en-us/applications/jajah-voice-for-office-365-12884930736/company)
b. There is a separate charge for the calling service above and beyond the “per user, per month” price for Lync Plan 3, ranging from $14-$30 per line, per month (https://voice4lync-us.jajah.com/pricing/plan-details/8a617b03-2ef6-45f4-9f7f-be72357b17ff)
3. 30-day trials are available for both Lync Plan 3 and for JaJah Voice, so you can try it out without the 12-month commitment
This is a giant leap forward in making Lync Online as attractive as Lync 2010 on-premises, and a great opportunity to get all the benefits of Lync over a traditional PBX environment without having to incur the costs of on-premises deployment.
In order to manage Office 365 via Remote PowerShell, there are a number of commands required. For anyone finding themselves jumping in and out of a remote powershell session, or moving between multiple tenants, continuously going through the authentication commands can be tedious. Upon opening a standard PowerShell command prompt via Windows 7, the following commands are run to authenticate:
$cred = get-credential
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection
$importresults = Import-PSSession $s
Rather than typing this in to a PowerShell command prompt every time I want to connect, I instead added all of these commands in Notepad and saved the file as a .ps1. Additionally, I’ve set my Execution Policy to allow unrestricted scripts (set-executionpolicy unrestricted). Now, when I want to connect, all I have to do is drag and drop my MSOnline.ps1 file in to PowerShell, fill in the appropriate Office 365 administrator credentials, and I’m logged in and ready to go.
When I work with clients on Exchange upgrades/migrations, I go through a standard list of questions to get their current state environment. These questions are important in terms of appropriately sizing a messaging environment, and very often the clients end up estimating numbers because they don’t have any empirical data to work with. Enter Quest and their MessageStats software.
MessageStats aggregates Exchange data and provides easy to use reports at the click of a button. A few of the reports available can be seen in the Report List image. Many of the current state assessment questions can be easily answered with these stock reports. Want to know average message size or how many messages are sent/received per day? One click. Want to know top senders and/or receivers? I can provide a graph and specific details easily.
Above and beyond the stock reports is the ability to create my own meaningful reports for “at a glance” environment reporting and even provide some internal numbers to allow for financial assessments. For a per-mailbox cost, this tool pays for itself in the amount of effort it saves (and how good it makes me look when management asks questions about Exchange).
I recommend this tool to every client I work with, and offer to set up the free 90-day demo environment to show them how it is effective and easy to use. It can be used for Exchange 2007/2010 and/or Exchange Online (Office 365). There are additional reporting packs not only for OWA, but also for OCS 2007/Lync 2010 and a variety of other Exchange-integrated applications. Project Leadership Associates is a Quest partner and can assist with not only MessageStats deployments, but also any of their other tools used for managing a messaging solution.